-
December 26th, 2003, 07:41 PM
#1
Member
Snort question
Ok, I downloaded and was able to install Snort, but when I try starting it up, it says I need to specify an interface with -i switch. What do I need to put in here? How to I go about starting the logging process? Thanks guys!
What do you get when you cross a nun and a penguin?
An operating system that won\'t go down on you.
-
December 26th, 2003, 08:27 PM
#2
ok here is a link to a Snort help forum. You can search there untill somebody who know more about snort then me replies here.
http://www.whitehats.com/cgi/forum/m...?bbs=forum&f=4
-
December 26th, 2003, 08:28 PM
#3
Member
Ok, Ill definetly check that out, thanks for the link!
Ok, found out what I gotta put for -i, but when I start it up, it basically says permission denied, but when I try to su and then do it, it cant find it at all. Any help with that? Do I need to install snort on my root account as well to get it to work?
What do you get when you cross a nun and a penguin?
An operating system that won\'t go down on you.
-
December 27th, 2003, 01:50 AM
#4
I think you do, maybe the account u are on is limited and can't run every program. Try with the r00t one.
-
December 27th, 2003, 02:42 AM
#5
Member
Alright, Ill do that, but doesnt su give you root privileges, so that you can run all programs? Or does it just switch you over to root account inside the shell?
What do you get when you cross a nun and a penguin?
An operating system that won\'t go down on you.
-
December 27th, 2003, 03:20 AM
#6
Re: Snort question
Originally posted here by Talith
Ok, I downloaded and was able to install Snort, but when I try starting it up, it says I need to specify an interface with -i switch. What do I need to put in here? How to I go about starting the logging process? Thanks guys!
Hi Talith,
Snort can listen on multiple interfaces, as such it gives you the ability to specify which interface you
want snort to sit on at startup (e.g. hme0, qfe1, fxp1, eth0, etc.); this is what the -i argument provides to snort.
Like MemorY said, check out the snort forums and mailing lists, it is an awesome tool and awesome tools
usually require education to use properly.
Best of luck.
-- spurious
Get OpenSolaris http://www.opensolaris.org/
-
December 27th, 2003, 03:22 AM
#7
Member
Yeah, I got the -i thing workin, found out it was eth0, but then Im just stuck on it not being able to run in my normal account, and then when I try to su and use it, it says it cant find it at all. Ill try installing it on my root account and then see if I can run it from my normal account with SU privileges. Thanks for the advice though inode, helps a lot!
What do you get when you cross a nun and a penguin?
An operating system that won\'t go down on you.
-
December 27th, 2003, 03:24 AM
#8
Senior Member
when you are doing an su do an su - instead.
-
December 27th, 2003, 03:28 AM
#9
Member
Hey, that worked! Awesome, thank you so much for that command help qod.
So the - actually logged me in as root, while just regular su changes my permissions to root, or what goes on when I enter - as opposed to regular su? And then why did it say snort not found when I did a regular snort? Too many questions! AHHH...
What do you get when you cross a nun and a penguin?
An operating system that won\'t go down on you.
-
December 27th, 2003, 04:06 AM
#10
su by itself just logs you into the su account, adding the - (su -) does a full login to the specified user (root
if no username is provided).
-- spurious
Get OpenSolaris http://www.opensolaris.org/
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|